Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 29 Nov 2008 14:27:23 +0300 (MSK)
From:      Eygene Ryabinkin <rea-fbsd@codelabs.ru>
To:        FreeBSD-gnats-submit@freebsd.org
Cc:        freebsd-vuxml@freebsd.org
Subject:   [vuxml] editors/vim: document CVE-2008-3432
Message-ID:  <20081129112723.27E6BB8019@phoenix.codelabs.ru>
next in thread | raw e-mail | index | archive | help 

>Submitter-Id:	current-users
>Originator:	Eygene Ryabinkin
>Organization:	Code Labs
>Confidential:	no 
>Synopsis:	[vuxml] editors/vim: document CVE-2008-3432
>Severity:	non-critical
>Priority:	medium
>Category:	ports
>Class:		sw-bug
>Release:	FreeBSD 7.0-STABLE amd64
>Environment:

System: FreeBSD 7.0-STABLE amd64

>Description:

There is CVE-2008-3432 that addresses the heap-based buffer overflow in
vim 6.2 and 6.3.  While these are rather dated, someone might still be
using them.

>How-To-Repeat:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3432
http://www.openwall.com/lists/oss-security/2008/07/15/4

>Fix:

The following VuXML entry should be evaluated and added:
--- vuln.xml begins here ---
  <vuln vid="">
    <topic>vim -- heap-based overflow while parsing shell metacharacters</topic>
    <affects>
      <package>
	<name>vim</name>
	<name>vim-lite</name>
	<name>vim-gtk2</name>
	<name>vim-gnome</name>
	<range><ge>6.2.521</ge><lt>6.3.62</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">;
	<p>Description for CVE-2008-3432 says:</p>
	<blockquote cite="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3432">;
	<p>Heap-based buffer overflow in the mch_expand_wildcards
	function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted
	attackers to execute arbitrary code via shell metacharacters
	in filenames, as demonstrated by the netrw.v3 test case.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2008-3432</cvename>
      <url>http://www.openwall.com/lists/oss-security/2008/07/15/4</url>;
    </references>
    <dates>
      <discovery>2008-07-31</discovery>
      <entry>today</entry>
    </dates>
  </vuln>
--- vuln.xml ends here ---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081129112723.27E6BB8019>